HJT log

[blade995]

My computer has been running slow on top of my other punk buster problem. So here's my log.

 

 

 

 

 

 

 

Logfile of HijackThis v1.99.1

 

 

 

Scan saved at 7:45:01 PM, on 7/23/2005

 

 

 

Platform: Windows XP SP2 (WinNT 5.01.2600)

 

 

 

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

 

 

 

 

 

 

Running processes:

 

 

 

C:\WINDOWS\System32\smss[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\winlogon[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\services[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\lsass[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\System32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\LEXBCES[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\LEXPPS[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\spoolsv[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\AOL\ACS\AOLAcsd[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\Explorer[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\vso\mcvsrte[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

 

 

 

C:\WINDOWS\system32\svchost[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\SOUNDMAN[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\sstray[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\zHotkey[Caution: ExecutableFile]

 

 

 

C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: ExecutableFile]

 

 

 

C:\Program Files\Digital Media Reader\shwiconem[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\AOL\ACS\AOLDial[Caution: ExecutableFile]

 

 

 

C:\Program Files\Logitech\MouseWare\system\em_exec[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\mcafee.com\vso\mcvsshld[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\mcafee.com\agent\mcagent[Caution: ExecutableFile]

 

 

 

c:\progra~1\mcafee.com\vso\mcvsescn[Caution: ExecutableFile]

 

 

 

C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]

 

 

 

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind[Caution: ExecutableFile]

 

 

 

C:\Program Files\Microsoft AntiSpyware\gcasDtServ[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\COMMON~1\AOL\111966~1\EE\AOLHOS~1[Caution: ExecutableFile]

 

 

 

C:\PROGRA~1\COMMON~1\AOL\111966~1\EE\AOLServiceHost[Caution: ExecutableFile]

 

 

 

c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: ExecutableFile]

 

 

 

C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

c:\progra~1\mcafee.com\vso\mcvsftsn[Caution: ExecutableFile]

 

 

 

C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

C:\WINDOWS\system32\wscntfy[Caution: ExecutableFile]

 

 

 

C:\Program Files\Mozilla Firefox\firefox[Caution: ExecutableFile]

 

 

 

C:\Program Files\America Online 9.0\waol[Caution: ExecutableFile]

 

 

 

C:\Program Files\America Online 9.0\shellmon[Caution: ExecutableFile]

 

 

 

C:\Documents and Settings\Brad Redel\Desktop\Brad\HijackThis[Caution: ExecutableFile]

 

 

 

 

 

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online

 

 

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

 

 

 

R3 - Default URLSearchHook is missing

 

 

 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

 

 

 

O2 - BHO: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll

 

 

 

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

 

 

 

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

 

 

 

O2 - BHO: (no name) - {F533B42D-00AB-9384-B696-3E1B506F70E6} - (no file)

 

 

 

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

 

 

 

O3 - Toolbar: Verizon Broadband Toolbar - {4E7BD74F-2B8D-469E-D0FC-E57AF4D5FA7D} - C:\PROGRA~1\COMMON~1\VERIZO~1\SFP\vzbb.dll

 

 

 

O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll

 

 

 

O4 - HKLM\..\Run: [soundMan] SOUNDMAN[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

 

 

O4 - HKLM\..\Run: [nwiz] nwiz[Caution: ExecutableFile] /install

 

 

 

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32[Caution: ExecutableFile] C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

 

 

 

O4 - HKLM\..\Run: [nForce Tray Options] sstray[Caution: ExecutableFile] /r

 

 

 

O4 - HKLM\..\Run: [CHotkey] zHotkey[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [showWnd] ShowWnd[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [sunKistEM] C:\Program Files\Digital Media Reader\shwiconem[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VERIZO~1\SMARTB~1\MotiveSB[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1119661242\EE\AOLHostManager[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [VSOCheckTask] "c:\PROGRA~1\mcafee.com\vso\mcmnhdlr[Caution: ExecutableFile]" /checktask

 

 

 

O4 - HKLM\..\Run: [VirusScan Online] "c:\PROGRA~1\mcafee.com\vso\mcvsshld[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\mcupdate[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL[Caution: ExecutableFile]" -Run

 

 

 

O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper[Caution: ExecutableFile]"

 

 

 

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask[Caution: ExecutableFile]" -atboottime

 

 

 

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind[Caution: ExecutableFile]

 

 

 

O4 - HKLM\..\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u

 

 

 

O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL[Caution: ExecutableFile]" -b

 

 

 

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf[Caution: ExecutableFile]

 

 

 

O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

 

 

 

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

 

 

 

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

 

 

 

O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim[Caution: ExecutableFile]

 

 

 

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

 

 

 

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs[Caution: ExecutableFile]

 

 

 

O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab

 

 

 

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - https://objects.aol.com/mcafee/molbin/s ... insctl.cab

 

 

 

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9656037328

 

 

 

O16 - DPF: {82F2D6B2-6C58-4404-A930-9DB0FD90D4B1} (Driver_Detective_v43_Non_Member.DD_v43) - http://www.drivershq.com/cab/prod/Drive ... Member.CAB

 

 

 

O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - https://objects.aol.com/mcafee/molbin/s ... cGDMgr.cab

 

 

 

O23 - Service: AOL Connectivity Service (AOL ACS) - America Online - C:\Program Files\Common Files\AOL\ACS\AOLAcsd[Caution: ExecutableFile]

 

 

 

O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon[Caution: ExecutableFile]

 

 

 

O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv[Caution: ExecutableFile]

 

 

 

O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService[Caution: ExecutableFile]

 

 

 

O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr[Caution: ExecutableFile]) - Networks Associates Technology, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr[Caution: ExecutableFile]

 

 

 

O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Networks Associates Technology, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte[Caution: ExecutableFile]

 

 

 

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32[Caution: ExecutableFile]

 

 

 

O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS

 

 

 

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon[Caution: ExecutableFile]

 

 

 

 

 

 

 

Thanks for your help.

[Mercifull]

Fix...

 

 

 

 

 

 

 

R3 - Default URLSearchHook is missing

 

 

 

O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)

 

 

 

O2 - BHO: (no name) - {F533B42D-00AB-9384-B696-3E1B506F70E6} - (no file)

 

 

 

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

 

 

 

O4 - HKLM\..\Run: [showWnd] ShowWnd[Caution: ExecutableFile]

 

 

 

O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML

 

 

 

 

 

 

 

Run Ad-aware and Spybot S&D with the latest updates tho because they shoudl have picked up ShowWnd[Caution: ExecutableFile]

[blade995]

Thank you merc :) .

 

 

 

 

 

 

 

Wierd, i ran ad-aware and spybot right before i posted the log. It didn't pick up the showwind thing.